﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Oracle.DataAccess.Client;
using System.Web.Security;

namespace WebApplication.Account
{
    public partial class Login : System.Web.UI.Page
    {
        OracleConnection conn;
        OracleCommand command;
        OracleDataReader reader;

        protected void Page_Load(object sender, EventArgs e)
        {
            RegisterHyperLink.NavigateUrl = "Register.aspx";
            conn = new OracleConnection();
            conn.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["OracleConnectionString"].ToString();
        }

        protected void LoginButtonClicked(object sender, EventArgs e)
        {
            List<String> list = new List<String>();

            string username = LoginUser.UserName;
            string wachtwoord = LoginUser.Password;

            string rfid = "SELECT RFID FROM PERSOON WHERE RFID =" + username;

            command = new OracleCommand(rfid, conn);
            conn.Open();
            reader = command.ExecuteReader();

            while(reader.Read()){
                list.Add(reader[0].ToString());
            }

            conn.Close();
            
            if(list.Count > 0){
                string wachtwoordDB = "SELECT WACHTWOORD FROM PERSOON WHERE RFID =" + username;

                command = new OracleCommand(wachtwoordDB, conn);
                conn.Open();
                reader = command.ExecuteReader();

                while (reader.Read())
                {
                    list.Add(reader[0].ToString());
                }

                conn.Close();

                if (Reserveringssysteem.SHA1Hashing.MaakSHA1(wachtwoord) == list[1])
                {
                    LoginUser_LoggingIn(username);
                }
            }
        }

        protected void LoginUser_LoggingIn(string username)
        {
            string s = "SELECT GEACTIVEERD FROM KLANT_BETALEND WHERE RFID = '" + username + "'";
                command = new OracleCommand(s, conn);
                conn.Open();
                reader = command.ExecuteReader();
                while (reader.Read())
                {
                    if (reader[0].ToString() == "NO")
                    {
                        Response.Redirect("~/Activeren.aspx");
                    }
                    else
                    {
                        if (LoginUser.RememberMeSet)
                        {
                            FormsAuthentication.RedirectFromLoginPage(username, true);
                            Session["username"] = username;
                        }
                        else {
                            FormsAuthentication.RedirectFromLoginPage(username, false);
                            Session["username"] = username;
                        }
                        
                    }
                }
            conn.Close();
        }
    }
}
